Privacy Policy

Scroll

In line with our company ethos and the General Data Protection Regulation (GDPR) First Media Solutions Limited (“we”) are committed to respecting and protecting your privacy. This privacy policy will inform you as to how we collect, process and look after your personal data when you visit the website ‘www.firstmedia.co.uk’ (“our website”). By visiting our website you are accepting and giving your consent to the practices described in this policy.

We are the data controller and are responsible for your personal data.

By completing the ‘Contact Us’ or ‘Request for Proposal’ (RFP) forms on our website we will use the information you provide to reply and respond to your enquiry. This information is not added to our internal sales and marketing database or disclosed to any third parties (other than those set out in this privacy policy) without your permission.

Sign up forms

Sign up forms require your consent. By ticking the checkbox you are agreeing to us keeping in touch with you, sending you emails, post or by telephone in relation to services, products, solutions and industry insights that we may provide. We also like to keep our website visitors and customers updated by sending e-newsletters now and then. By filling in this form (signing up) you are agreeing to us adding your personal information to our internal sales and marketing database. Your personal information will not be disclosed to any third parties (other than those set out in this privacy policy) without your consent.

Website Analytics

Many businesses use website analytics to analyse the performance of their website and its content. However, to do this we need to collect technical information including,

Uniform Resource Locators (URL) and their clickstream to, through and from our website. This informs us of the services or products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information and methods used to browse away from the page.

Please be aware that using a third party in this case Google Analytics it’s also possible for us to identify the name of the company/business/headquarters that you’re Internet Protocol (IP) address is registered to. IP is the address used to connect your computer to the internet and contains information on the browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.

Data obtained through website analytics is kept for a period of 26 months only.

Please note the data handling processes of third parties are not included in this Privacy Policy.

Website Cookies

Our website uses cookies to help provide you with the best experience we can. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this Website may become inaccessible or not function properly. For specific information on the cookies we use and how we use them please view our Cookies Policy.

How do we use your data?

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.

Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email. You have the right to withdraw consent to marketing at any time by contacting us.

What do we use your data for?

We collect data from website analytics and cookies to improve the efficiency of our website, marketing and customer relationships and experiences, as well as to administer and protect the website.

We use the data you have provided to us to keep in contact with you, to respond to your enquiry, to register you as a customer and, to share information including industry insights, products and services we offer and news we think you might be interested in, as well as updates to our terms or privacy policy or we may ask you to leave a review or take a survey.

Disclosure of your data?

We may have to share your personal data with the parties set out below

Node4 Ltd acting as processor based in the UK who we disclose all your personal data for the purpose of providing website hosting services.

MailChimp provided by The Rocket Science Group acting as a processor based in the USA who we disclose your full name, organization name and email address in order to provide email services.

Google Analytics provided by Google acting as a processor based in the USA who we disclose IP address for the purpose of providing website services.

HubSpot acting as a processor based in the USA who we disclose your full name, email address and mobile number for the purposes of website services and data storage.

Xero acting as a processor based in the UK who we disclose all your personal data for the purpose of providing accounting services.

WorkflowMax provided by Xero acting as a processor based in the UK who we disclose all you personal data for the purpose of providing project management services.

Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services or other services.

HM Revenue & Customs, regulators and other authorities acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances.

Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

International Transfers

Many of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.

Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.

Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

Data is stored securely using third party programs and software including, Google Analytics, HubSpot and Mailchimp. We take reasonable precautions to keep the data safe including using firewalls and anti-virus software which are regularly maintained and updated by our IT support service.

In addition we’ve appointed a designated data controller who is responsible for the process, procedure and safety of the data we collect, use and store. To speak to our data controller please call 01507 607783 or email data@firstmedia.co.uk.

How long do we store your data?

If your enquiry does not covert into a live contract we will delete all your personal data from our system within 60 days of the enquiry data. Unless you have requested we send you our marketing emails and newsletters, in which case we will only retain your full name and email address.

If the enquiry becomes a contracted agreement we will retain your personal information for a maximum of six years post termination. If you become a customer we will also seek permission to add you to our marketing and sales database to enable us to keep you up to date with new products, services, news and industry insights.

If you sign up to our e-news we will retain your name, organisation name and email address until you no longer wish to receive our e-news.

You can ask us at any time to stop sending you marketing messages or our e-news by following the opt-out links on any marketing message sent to you or by contacting us at data@firstmedia.co.uk.

Accessing and removing information

We aim to be transparent and are happy to discuss our policy and procedure with you. If you want to know exactly what personal information we may be storing about you and what we are using it for (if any/anything) you can make a data subject access request (DSAR).

To make a DSAR we require you to put the request in writing addressing it to our data controller at our registered office. We will respond to all data access requests without delay and at the latest within one month of receipt of the request. You will not have to pay a fee to access you personal data, unless such a request is clearly unfounded, repetitive or excessive.

Please note we are required to use reasonable means to verify the identity of any individual making a DSAR.

If we do hold any personally identifiable information about you are entitled to request that we:-

Let you have a copy of the information;

Correct any incomplete or inaccurate information;

Delete or remove the information where there is no good reason for us continuing to process it;

Stop processing your information where we are relaying on a legitimate interest and the processing impacts on your fundamental rights and freedoms;

Restrict the processing your information in certain circumstances;

Transfer the information to you or to a third party.

Third Party websites

Any content on our website that links to the websites and services of our partners, suppliers, advertisers, sponsors, licensors or other third parties including links that appear on these websites and are not covered by this privacy policy. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and these websites and services may have their own privacy policies and customer service policies which we encourage you to read.

Applying for work with us

We are committed to maintaining the security of your personal information and to being compliant with the GDPR. By applying for one of our vacancies, you are consenting to us collecting, storing and processing your personal information for the sole purpose of assessing your suitability for the role.

Unsuccessful candidates will have their data stored on our electronic systems for a period of 6 months following the application being received after which, any personally identifiable data will be deleted.

Changes and updates

We aim to maintain transparency with our customers and web visitors and to keep our privacy notice up to date and in line with current data protection laws. We may change this privacy policy from time to time. If so, we will notify you by providing an update on our website.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.